f;3 
Co 



□ 




00 







NT 




LLI 




_J 




o 




>• 




X 




o 








Q_ 








# 



m 
□ 

1:4 



00 





O 



LU 
>- 



< 

o 

_l 
Q. 

< 



CO 
Q. 
O 
Q- 



a: 



a. 
o 



en 
O 
o. 

CO 



Q- 

O 



on ^ 

LU Q_ 

o: 



on < 

LU cr: 

^ LU 

^ CO 

Z LU 

=5 i 



6 5 



en 
o 



CM 



< 
o 



O 
z o 

LU ^ 

^ a: 
Q o 

CO ^ 



cn 

LU 

cc: 
o 



O 



< 

o 

I 

Q. 
CL 
< 



O 
Q- 



<! LU 

z >- 

< 
o 



o 
o 

CD 



o 
o 



CO 

on 



on 
o 



LU 

LU 



5/8 




JOE BLOGGS 
67.227.117.77 



56K DIAL-UP 
CONNECTION 



THE 
INTERNET 




DEDICATED T1 
CONNECTION 




THE 0RANG.COM MAIN OFFICE 
PRIVATE NETWORK (1.251.174.0) 



RESTRICTIVE FIREWALL 
(OUT ONLY) 1.251.174.1, 
64.224.114.64 



1.251.174.0 




NETWORK ROUTER 
1.251.174.158 



PROXY CLIENT 
1.251.174.156 



MAIL SERVER 
(MAIL.0RANG.COM) 
1.251.174.155 



WEB SERVER 
(WWW.0RANG.COM) 
1.251.174.157 



FIG. 5 



6/8 



CLIENT 


INTERMEDIARY 


PROXY CLIENT 


SERVER 










^-^vA\~^ 
<^UTHENTICATED> 

YES 


- REGISTER VIRTUAL 
ADDRESS (VA) 

NO-n 






KEEP OPEN PROXY 

CLIENT 
CONNECTION AND - 
WAIT FOR CLIENT 

T ' 




WARN 
ADMINISTRATOR 
OF CONNECTION 

ERROR 


SEND A REQUEST 
FOR SERVICE TO 

A VIRTUAL 
ADDRESS ON THE 
INTERMEDIARY 




INTERPRET 
REQUEST TO 
► IDENTIFY CORRECT 
PROXY CLIENT 
rriMMFPTinM 








f 

TRANSFORM THE 
REQUEST VA TO A 
REAL APPLICATION 
ADDRESS REQUEST 

T 




SEND REQUEST TO 
WAITING OPEN 
PROXY CLIENT "* 
CONNECTION 


RECEIVE CLIENT 
REQUEST 

f 


RECEIVE SERVER 
KborUNob 

T 

TRANSLATE ANY 
REAL APPLICATION 
ADDRESSES INTO 
VIRTUAL ADDRESSES 

f 


OPEN CLIENT 
CONNECTION TO . 
SERVER AND SEND' 
REQUEST 


RECEIVE REQUEST, 

INTERPRET, 
' ACTION, SEND 
BACK RESPONSE 


RECEIVE 
RESPONSES 
RETURN TO 
• INTERMEDIARY VIA 
OPEN 

connection 

/sart a new\ 
/proxy client \ 
connection & 
-Aregistration/ 

\PROCESS/ 


< 




RECEIVE 
RESPONSE 


RETURN RESPONSE 
' TO CLIENT 


FIG. 6 


▼ 

BREAK 
CONNECTION , 

WITH 
INTERMEDIARY 


BREAK CONNECTION 
' WITH PROXY CLIENT " 



oo 



'•■B 

o 
Co 



O 




CLIENT[C] 
SERVER[S] 



8/8 

MODIFIED ROUTER[C] 
MODIFIED ROUTER[S] 



INTERMEDIARY 



PROXY CLIENT[S] 
PROXY CLIENT[C] 



SEND A NETWORK 
DATAGRAM 
DESTINED FOR 
THE OPPOSITE 
NETWORK 
(ROUTED VIA THE 
MODIFIED 
ROUTER) 




REGISTER VIRTUAL 
ADDRESS (VA) 



-NO — , 



YES 




ADD A VIRTUAL 
ADDRESS HEADER 
AND 

AUTHENTICATION 
DATA FOR THE 
OPPOSITE 
NETWORK 



KEEP OPEN PROXY 
CLIENT CONNECTION 
AND WAIT FOR 
CLIENT REQUESTS 



WARN 
ADMINISTRATOR 
OF CONNECTION 

ERROR 



INTERPRET 
REQUEST HEADER 

TO IDENTIFY 
CORRECT PROXY 
CLIENT CONNECTION 



DATAGRAM 
ROUTED TO 
MODIFIED ROUTER 
AT THE LINK LAYER 



I 



DROP MODIFIED 
ROUTER HEADER 
AND WAIT FOR 
ENCAPSULATED 
DATAGRAM 



RECEIVE 
DATAGRAM, 
INTERPRET, 
ACTION AND 
REPLY WITH A 

DATAGRAM 
DESTINED FOR 
THE OPPOSITE 
NETWORK 



SEND 
ENCAPSULATED 
DATAGRAM TO 

OPPOSITE NEWTORK 
VIA OPEN PROXY 

CLIENT CONNECTION 



RECEIVE NETWORK 
DATAGRAM 



DATAGRAM REPEATED ON 
■ OPPOSITE NETWORK ' 



FIG. 8 



REPEAT THE 
DATAGRAM 
THROUGH THE 
PHYSICAL LINK 
LAYER 



BREAK 
CONNECTION TO 
INTERMEDIARY AND 
START A FRESH 
REGISTRATION 
PROCESS 



